Latest Internet & Cybersecurity News
Widespread Attacks Target Palo Alto GlobalProtect VPN Portals
Hackers launched active exploitation attempts on Palo Alto Networks' GlobalProtect VPN portals from over 7,000 IP addresses globally, exploiting vulnerabilities including unpatched critical flaws and misconfigurations. Palo Alto Networks urged multi-factor authentication and patching, with CISA adding related indicators to their known exploited vulnerabilities list.
Massive Ransomware Impact Revealed: 754 Victims Across 73 Countries in November 2025
Data Breaches Digest reported 754 global ransomware victims last November, spanning 73 countries, including 396 U.S. victims across 49 states. Four new ransomware operators—Benzona, Kazu, ROOT, and TridentLocker—were identified, marking growing diversity in threats.
2025 ISC2 Cybersecurity Workforce Study Highlights Skills Gaps Amid AI Adoption
The 2025 ISC2 report revealed cybersecurity teams face rising risk due to staffing and budget cuts, while AI reshapes required skills and offers new career paths. Organizations are urged to invest in reskilling and multiskilling to adapt to evolving threats amid economic pressures.
Ransomware Present in 44% of Breaches, AI Tools Used in 16% in 2025
Analysis shows ransomware involved in 44% of breaches, a rise from 32% in 2024, with attackers increasingly using AI-generated phishing and deepfake techniques. Shadow AI misuse by employees raises breach costs by $670,000 on average. Supply chain attacks now cause around 30% of breaches.
Over 8,000 Global Data Breaches Expose 345 Million Records in First Half of 2025
Experian's 13th annual data breach industry forecast indicates record breach volume despite budget increases. AI factors heavily into emerging trends, including the rise of polymorphic malware, agentic AI threats, and quantum computing risks.
Law Enforcement Disrupts Major Cybercrime Networks Including Cryptomixer
German and Swiss agencies dismantled Cryptomixer, a crypto laundering service, seizing approximately $29 million in Bitcoin. Other operations targeted espionage footholds and illegal gambling infrastructure used for malware campaigns.
Critical React and Node.js Vulnerabilities Patched Urgently
A max-severity remote code execution flaw (CVE-2025-55182) was patched in React Server Components, with urgent calls for updates. Google also patched 51 Android vulnerabilities, including high-severity flaws suspected of targeted exploitation.
Ransomware Attack on Minnesota’s Mower County Exposes Sensitive Health Data
A ransomware incident in June 2025 at Mower County compromised protected health information related to county health services, leading to system shutdown and community disruption.
Weak Cybersecurity in Hospitals Increases Vulnerability to Ransomware and Data Leaks
Hospitals with insufficient cybersecurity measures continue to suffer ransomware incidents and sensitive data exposures, emphasizing the need for stronger defenses in the healthcare sector.
175th Cyber Operations Group Hosts First Wing-wide Capture the Flag Event
The 175th Cyberspace Operations Group expanded its annual CTF competition to all Airmen using the Hack the Box platform, fostering skill development in network exploitation, forensics, and secure coding relevant to real-world cyber defense.